O'Reilly logo

Solaris 8 Administrator's Guide by Paul Andrew Watters

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 9. Network Security

After creating a Solaris network, one of the greatest fears of many system administrators is the thought of the network coming under attack from either outside or within. Administrators of high-profile sites often perceive that they are under constant attack, and may be driven to the edges of paranoia by anticipating worst-case scenarios to unfold daily. When installed out of the box, Solaris (just like any other network operating system) provides many potential entry points for intruders to access a network. However, the modular nature of Solaris packages and the ease with which most services can be configured allows Solaris security to be customized to a level that is appropriate for the target installation. For example, a standalone Solaris system that runs accounting software and a local relational database does not need to worry about network attacks. An e-commerce site, on the other hand, depends on granting selective remote access to users for specific server-side applications, while protecting confidential and sensitive data on the server, such as credit card numbers. In addition, once access is gained to a single host on a Solaris network, distributed network information services, such as NIS+, make it easy to gain access to data residing on many different hosts within that local area network. This is not to say that NIS+ and similar systems should not be used—NIS+ is secure when hosts are protected from unauthorized access. It’s also important ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required